From 60ffcfdabcc0159f949ecec74370fd7c5903afad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lvaro=20Fern=C3=A1ndez=20Rojas?= Date: Sun, 28 Jan 2024 10:07:55 +0100 Subject: [PATCH 1/4] packages: drop bcm27xx-userland MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit bcm27xx-userland is deprecated and bcm27xx-utils should be used instead. https://github.com/raspberrypi/userland/commit/96a7334ae9d5fc9db7ac92e59852377df63f1848 Signed-off-by: Álvaro Fernández Rojas --- package/utils/bcm27xx-userland/Makefile | 96 ------------------------- 1 file changed, 96 deletions(-) delete mode 100644 package/utils/bcm27xx-userland/Makefile diff --git a/package/utils/bcm27xx-userland/Makefile b/package/utils/bcm27xx-userland/Makefile deleted file mode 100644 index 461cf3e954..0000000000 --- a/package/utils/bcm27xx-userland/Makefile +++ /dev/null @@ -1,96 +0,0 @@ -# -# Copyright (C) 2019-2020 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=bcm27xx-userland -PKG_VERSION:=96a7334ae9d5fc9db7ac92e59852377df63f1848 -PKG_RELEASE:=1 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://codeload.github.com/raspberrypi/userland/tar.gz/$(PKG_VERSION)? -PKG_HASH:=557ee8390de5db1ed90386c1ba0221e7f6f9dd87e858a00a34be3b1f9ede193f - -PKG_FLAGS:=nonshared - -PKG_MAINTAINER:=Álvaro Fernández Rojas -PKG_LICENSE:=BSD-3-Clause -PKG_LICENSE_FILES:=LICENCE - -CMAKE_INSTALL:=1 -CMAKE_OPTIONS+=-DVMCS_INSTALL_PREFIX=/usr - -ifeq ($(ARCH),aarch64) - CMAKE_OPTIONS+=-DARM64=ON -else - CMAKE_OPTIONS+=-DARM64=OFF -endif - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/cmake.mk - -TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS) -TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS) - -define Package/bcm27xx-userland - SECTION:=utils - CATEGORY:=Utilities - DEPENDS:=@TARGET_bcm27xx - TITLE:=BCM27xx userland tools -endef - -define Package/bcm27xx-userland/description - BCM27xx userland tools including vcgencmd and tvservice. -endef - -define Package/bcm27xx-userland-dev - SECTION:=devel - CATEGORY:=Development - SUBMENU:=Libraries - DEPENDS:=@TARGET_bcm27xx +bcm27xx-userland - TITLE:=Development files of BCM27xx userland tools -endef - -define Package/bcm27xx-userland-dev/description - This package contains the header and static libraries of - the BCM27xx userland tools. -endef - -define Package/bcm27xx-userland/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/dtmerge $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/dtparam $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/dtoverlay $(1)/usr/bin -ifneq ($(ARCH),aarch64) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/raspistill $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/raspivid $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/raspividyuv $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/raspiyuv $(1)/usr/bin -endif - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tvservice $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/vcgencmd $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/vcmailbox $(1)/usr/bin - - $(INSTALL_DIR) $(1)/usr/lib/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so $(1)/usr/lib/ -ifneq ($(ARCH),aarch64) - $(INSTALL_DIR) $(1)/usr/lib/plugins - $(CP) $(PKG_INSTALL_DIR)/usr/lib/plugins/ $(1)/usr/lib/ -endif -endef - -define Package/bcm27xx-userland-dev/install - $(INSTALL_DIR) $(1)/usr/include - $(CP) $(PKG_INSTALL_DIR)/usr/include/ $(1)/usr/ - - $(INSTALL_DIR) $(1)/usr/lib/pkgconfig - $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig $(1)/usr/lib/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.a $(1)/usr/lib/ -endef - -$(eval $(call BuildPackage,bcm27xx-userland)) -$(eval $(call BuildPackage,bcm27xx-userland-dev)) From 920414ca8848fe1b430e436207b4f8c927819368 Mon Sep 17 00:00:00 2001 From: orangepizza Date: Mon, 29 Jan 2024 11:37:43 +0900 Subject: [PATCH 2/4] mbedtls: security bump to version 2.28.7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This release of Mbed TLS provides bug fixes and minor enhancements. This release includes fixes for following security issues: * Timing side channel in private key RSA operations (CVE-2024-23170) Mbed TLS is vulnerable to a timing side channel in private key RSA operations. This side channel could be sufficient for an attacker to recover the plaintext. A local attacker or a remote attacker who is close to the victim on the network might have precise enough timing measurements to exploit this. It requires the attacker to send a large number of messages for decryption. * Buffer overflow in mbedtls_x509_set_extension() (CVE-2024-23775) When writing x509 extensions we failed to validate inputs passed in to mbedtls_x509_set_extension(), which could result in an integer overflow, causing a zero-length buffer to be allocated to hold the extension. The extension would then be copied into the buffer, causing a heap buffer overflow. Fixes: CVE-2024-23170, CVE-2024-23775 References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-1/ References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/ Signed-off-by: orangepizza Signed-off-by: Petr Štetiar [formal fixes] --- package/libs/mbedtls/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/libs/mbedtls/Makefile b/package/libs/mbedtls/Makefile index 246b21a853..ad13bbe846 100644 --- a/package/libs/mbedtls/Makefile +++ b/package/libs/mbedtls/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mbedtls -PKG_VERSION:=2.28.5 +PKG_VERSION:=2.28.7 PKG_RELEASE:=2 PKG_BUILD_FLAGS:=no-mips16 gc-sections no-lto PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/ARMmbed/mbedtls/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=849e86b626e42ded6bf67197b64aa771daa54e2a7e2868dc67e1e4711959e5e3 +PKG_HASH:=1df6073f0cf6a4e1953890bf5e0de2a8c7e6be50d6d6c69fa9fefcb1d14e981a PKG_LICENSE:=GPL-2.0-or-later PKG_LICENSE_FILES:=gpl-2.0.txt From 7227dabfeb74d8a4f3826b29f4174d637d1939af Mon Sep 17 00:00:00 2001 From: Aleksander Jan Bajkowski Date: Sun, 28 Jan 2024 20:41:31 +0100 Subject: [PATCH 3/4] lantiq: replace patch with upstream version Replace recently added patch with version accepted upstream. Signed-off-by: Aleksander Jan Bajkowski --- ...-MIPS-lantiq-register-smp_ops-on-non-smp-platforms.patch} | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) rename target/linux/lantiq/patches-5.15/{0321-MIPS-lantiq-register-smp_ops-on-non-smp-platforms.patch => 0321-v6.8-MIPS-lantiq-register-smp_ops-on-non-smp-platforms.patch} (86%) diff --git a/target/linux/lantiq/patches-5.15/0321-MIPS-lantiq-register-smp_ops-on-non-smp-platforms.patch b/target/linux/lantiq/patches-5.15/0321-v6.8-MIPS-lantiq-register-smp_ops-on-non-smp-platforms.patch similarity index 86% rename from target/linux/lantiq/patches-5.15/0321-MIPS-lantiq-register-smp_ops-on-non-smp-platforms.patch rename to target/linux/lantiq/patches-5.15/0321-v6.8-MIPS-lantiq-register-smp_ops-on-non-smp-platforms.patch index 78043545b0..5339350e2f 100644 --- a/target/linux/lantiq/patches-5.15/0321-MIPS-lantiq-register-smp_ops-on-non-smp-platforms.patch +++ b/target/linux/lantiq/patches-5.15/0321-v6.8-MIPS-lantiq-register-smp_ops-on-non-smp-platforms.patch @@ -1,6 +1,6 @@ -From 6e8d8b183accefae42c62f1bd495a405ce454c7d Mon Sep 17 00:00:00 2001 +From 4bf2a626dc4bb46f0754d8ac02ec8584ff114ad5 Mon Sep 17 00:00:00 2001 From: Aleksander Jan Bajkowski -Date: Sun, 21 Jan 2024 18:36:23 +0100 +Date: Mon, 22 Jan 2024 19:47:09 +0100 Subject: [PATCH] MIPS: lantiq: register smp_ops on non-smp platforms Lantiq uses a common kernel config for devices with 24Kc and 34Kc cores. @@ -11,6 +11,7 @@ SMP enabled. Fixes: 730320fd770d ("MIPS: lantiq: enable all hardware interrupts on second VPE") Signed-off-by: Aleksander Jan Bajkowski +Signed-off-by: Thomas Bogendoerfer --- arch/mips/lantiq/prom.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) From 0b498c3c3f1ebc6ffb5055ca07129eb21d8aef9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lvaro=20Fern=C3=A1ndez=20Rojas?= Date: Mon, 29 Jan 2024 10:11:40 +0100 Subject: [PATCH 4/4] bcm27xx: bcm2712: enable USB symbols and drop packages MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This allows booting from USB. Fixes: 8b63d9ac4ae9 ("bcm27xx: add new bcm2712 subtarget") Signed-off-by: Álvaro Fernández Rojas --- target/linux/bcm27xx/bcm2712/config-6.1 | 5 +++++ target/linux/bcm27xx/image/Makefile | 3 +-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/target/linux/bcm27xx/bcm2712/config-6.1 b/target/linux/bcm27xx/bcm2712/config-6.1 index 08445ffee2..ed2cc0ebe4 100644 --- a/target/linux/bcm27xx/bcm2712/config-6.1 +++ b/target/linux/bcm27xx/bcm2712/config-6.1 @@ -426,6 +426,7 @@ CONFIG_PADATA=y CONFIG_PAGE_POOL=y CONFIG_PAGE_SIZE_LESS_THAN_256KB=y CONFIG_PAGE_SIZE_LESS_THAN_64KB=y +CONFIG_PAHOLE_HAS_LANG_EXCLUDE=y CONFIG_PARTITION_PERCPU=y CONFIG_PCI=y CONFIG_PCIEAER=y @@ -575,6 +576,10 @@ CONFIG_USB=y CONFIG_USB_ANNOUNCE_NEW_DEVICES=y # CONFIG_USB_BRCMSTB is not set CONFIG_USB_COMMON=y +CONFIG_USB_DWC3=y +# CONFIG_USB_DWC3_DUAL_ROLE is not set +# CONFIG_USB_DWC3_GADGET is not set +CONFIG_USB_DWC3_HOST=y CONFIG_USB_DWCOTG=y CONFIG_USB_GADGET=y # CONFIG_USB_HCD_BCMA is not set diff --git a/target/linux/bcm27xx/image/Makefile b/target/linux/bcm27xx/image/Makefile index e55a7b17b5..e5c2d15499 100644 --- a/target/linux/bcm27xx/image/Makefile +++ b/target/linux/bcm27xx/image/Makefile @@ -181,8 +181,7 @@ define Device/rpi-5 cypress-firmware-43455-sdio \ brcmfmac-nvram-43455-sdio \ kmod-brcmfmac wpad-basic-mbedtls \ - kmod-hwmon-pwmfan kmod-thermal \ - kmod-usb-dwc3 kmod-usb3 + kmod-hwmon-pwmfan kmod-thermal IMAGE/sysupgrade.img.gz := boot-common | boot-2711 | sdcard-img | gzip | append-metadata IMAGE/factory.img.gz := boot-common | boot-2711 | sdcard-img | gzip endef